open-gitlab.going-link.com/operation-sre/uvpn
uvpn 管理服务(rpc)
会根据uvpn.proto文件更新项目uvpnpb、uvpnclient
后面若更新proto文件,在项目根目录执行此命令刷新项目:
goctl rpc protoc uvpn.proto --go_out=. --go-grpc_out=. --zrpc_out=. --style goZero
# 格式化
clang-format -i uvpn.proto
# 调试远程rpc服务
grpcui -plaintext 192.168.5.119:8082
# 调试本地rpc服务
grpcui -plaintext 127.0.0.1:8082
# 调试生产
grpcui -plaintext 10.10.210.18:8082
# 为了方便测试 目前全部模式都打开rpc的反射服务的注册
if c.Mode == service.DevMode || c.Mode == service.TestMode || c.Mode == service.ProMode || c.Mode == service.PreMode {
reflection.Register(grpcServer)
}
# dev和test模式下 只会修改二进制程序同目录下的ccd文件中的内容
service.DevMode || c.Mode == service.TestMode
go build -o uvpn
sudo nohup ./uvpn &
用 supervisord 守护go rpc服务进程,设置自动尝试三次重启,需要将/opt/go/src/uvpn/etc/uvpn.yaml配置文件修改参数:
mode 为 pro 模式时候不可以用 grpcui 工具测试rpc接口,可以改成 dev 然后重启 supervisord 来重启uvpn rpc服务后才可以用 grpcui 测试;
默认 守护uvpn服务,使其被杀掉3次可以重试拉起。
Mode: pro
RedisConf:
DB: 7
CcdFilePath: /etc/openvpn/ccd
DevCcdFilePath: ./ccd
操作命令
# 上传到某打包服务器(centos7)并打包
go build -o uvpn
# 切root用户
sudo su
# jumpserver uvpn服务器
cd /opt/go/src/uvpn/
mv /home/zhenyun/uvpn .
chmod 777 uvpn
# 重启
cat /tmp/supervisord.pid | xargs sudo kill -HUP
#日志
tail -100f /tmp/supervisord.log
# 其他操作
vim /etc/supervisord.conf
# 启动
sudo /usr/bin/supervisord -c /etc/supervisord.conf
supervisor配置文件
[unix_http_server]
file=/tmp/supervisor.sock ; the path to the socket file
[supervisord]
logfile=/tmp/supervisord.log ; main log file; default $CWD/supervisord.log
logfile_maxbytes=50MB ; max main logfile bytes b4 rotation; default 50MB
logfile_backups=10 ; # of main logfile backups; 0 means none, default 10
loglevel=info ; log level; default info; others: debug,warn,trace
pidfile=/tmp/supervisord.pid ; supervisord pidfile; default supervisord.pid
nodaemon=false ; start in foreground if true; default false
minfds=1024 ; min. avail startup file descriptors; default 1024
minprocs=200 ; min. avail process descriptors;default 200
;umask=022 ; process file creation umask; default 022
;user=supervisord ; setuid to this UNIX account at startup; recommended if root
;identifier=supervisor ; supervisord identifier, default is 'supervisor'
;directory=/tmp ; default is not to cd during start
;nocleanup=true ; don't clean up tempfiles at start; default false
;childlogdir=/tmp ; 'AUTO' child log dir, default $TEMP
;environment=KEY="value" ; key value pairs to add to environment
;strip_ansi=false ; strip ansi escape codes in logs; def. false
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL for a unix socket
[program:uvpn]
command=/opt/go/src/uvpn/uvpn ; the program (relative uses PATH, can take args)
;numprocs=1 ; number of processes copies to start (def 1)
autostart=true ; start at supervisord start (default: true)
startsecs=10 ; # of secs prog must stay up to be running (def. 1)
startretries=3 ; max # of serial start failures when starting (default 3)
autorestart=true ; when to restart if exited after running (def: unexpected)
注意:千万别再uvpn网关服务器打包,请在其他centos7打包将二进制文件更新替换。
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.